diff --git a/core/modules/system/src/Form/ModulesUninstallForm.php b/core/modules/system/src/Form/ModulesUninstallForm.php index 2674f0c..6799708 100644 --- a/core/modules/system/src/Form/ModulesUninstallForm.php +++ b/core/modules/system/src/Form/ModulesUninstallForm.php @@ -7,6 +7,7 @@ namespace Drupal\system\Form; +use Drupal\Component\Utility\SafeMarkup; use Drupal\Core\Extension\ModuleHandlerInterface; use Drupal\Core\Extension\ModuleInstallerInterface; use Drupal\Core\Form\FormBase; @@ -164,7 +165,7 @@ public function buildForm(array $form, FormStateInterface $form_state) { $disabled_message = \Drupal::translation()->formatPlural(count($required_modules), 'To uninstall @module, the following module must be uninstalled first: @required_modules', 'To uninstall @module, the following modules must be uninstalled first: @required_modules', - array('@module' => $module->getName(), '@required_modules' => implode(', ', $required_modules))); + array('@module' => $module->getName(), '@required_modules' => SafeMarkup::checkAdminXss(implode(', ', $required_modules)))); $disabled_message = '
' . $disabled_message . '
'; } else { @@ -174,7 +175,7 @@ public function buildForm(array $form, FormStateInterface $form_state) { $disabled_message = \Drupal::translation()->formatPlural(count($validation_reasons[$module_key]), 'The following reason prevents @module from being uninstalled: @reasons', 'The following reasons prevent @module from being uninstalled: @reasons', - array('@module' => $module->getName(), '@reasons' => implode('; ', $validation_reasons[$module_key]))); + array('@module' => $module->getName(), '@reasons' => SafeMarkup::checkAdminXss(implode('; ', $validation_reasons[$module_key])))); $disabled_message = '
' . $disabled_message . '
'; }